Five Risky HIE Practices that Threaten Data Integrity

By Grant Landsbach, RHIA and Beth Haenke Just, MBA, RHIA, FAHIMA

In recent years health information exchange (HIE) has emerged as a trusted model for sharing patient information across hospitals and health systems to drive improved care coordination and, ultimately, quality and outcomes. The result of the convergence of advanced health information technologies, federal regulations and incentives, and increased awareness of the impact information exchange can have on population health, HIE organizations (HIOs) bring a number of benefits to patients, providers, and organizations alike.

HIOs ensure that clinicians have access to the information they need, when they need it, for more informed diagnoses and treatment decisions. Ready access to comprehensive patient information also improves care coordination, especially when transitioning patients from one healthcare setting to another. HIOs have also been shown to improve organizational efficiencies, giving physicians more time to focus on what's important—their patients. There are a variety of flavors of HIE, including a single healthcare system sharing information across partner facilities and a Regional Health Information Organization (RHIO) acting as the liaison for information exchange across unrelated entities. However, the goal remains the same—to facilitate the secure exchange of accurate patient information between entities to enable better and more immediate care.

Yet despite their potential, system issues, stakeholder demands, and resource limitations have forced many HIOs to resort to subpar data integrity practices that, while appearing harmless on the surface, could compromise the long-term success of the HIO—and potentially patient safety.

After all, the information housed in HIO databases is not information that determines which customers should receive the next sales catalog. It is health information that is being used to deliver life-saving or life-sustaining services. As a result, similar to the airline industry, healthcare must operate on a zero error tolerance model.

With the hope of inspiring action to correct potential mistakes, the following explains five risky HIE practices that threaten data integrity.

Risk #1: Relying on Weak Algorithms

There is a prevailing belief that the record matching algorithms standard within a number of health information systems will adequately identify and manage duplicate records. As a result, organizations often take a hands-off approach, expecting the system to do the heavy lifting in terms of duplicate identification and resolution.

The problem with utilizing these system-embedded algorithms as the primary means of identifying duplicate records is that even highly weighted potential duplicates are not always the same person. It is a "needle in the haystack" problem, one that grows exponentially as HIO databases grow. That is because, as these databases mature, the likelihood of having two or more individuals with the same name and date of birth increases.

The reality is these issues cannot be accurately resolved based solely on weak algorithms. When HIO and EHR administrators rely too heavily on these algorithms and auto-merging to manage duplicates, the end result is often overlaid records—which can ultimately be more dangerous than duplicates since information can be merged into the wrong record. Some systems don't have the functionality to support the separation of the two records, leaving staff with the dilemma of how to handle the issue. Further, as these databases grow, so too does the chance of creating these potentially dangerous patient records.

Risk #2: Failing to Include HIM Staff in Implementing Record-Matching Algorithms

An HIO's enterprise master patient index requires complex data mapping from all participating organizations' EHRs and downstream systems, a task that is often left up to information technology (IT) teams. However, while IT professionals are well equipped to direct data to where it needs to be, they may not be sufficiently knowledgeable on what constitutes critical data or where that data resides in the patient record.

For example, if IT doesn't fully understand the importance of comprehensive demographic data in patient matching, they may limit the data mapped to the HIO to common fields like first name, last name, date of birth, and gender. This oversight on the back end can create serious challenges in preventing and eliminating duplicate and overlaid records once the data is moved into the HIO; challenges that are exacerbated as more participants join and more data is shared.

Take for instance a million-record database. Utilizing common fields as the basis for patient matching, particularly with a high occurrence of common first and last names, could result in systems overlaying on average 1 percent to 2 percent of patient records—or a total of 10,000 to 20,000 records.

Risk #3: Failure to Manage Ongoing Data Integrity

For many organizations, data integrity begins and ends with removing duplicate records from the master patient index prior to a new system implementation. This is a strong practice, but it is not sufficient to mitigate the long-term risk of duplicate or overlaid records.

The fact is, duplicate records are created on a daily basis and will continue to populate and pollute systems unless action is taken to not only remove them but to also prevent their creation in the first place. Making matters worse, these duplicates exist not only in the registration system but also pollute all downstream clinical systems. For example, admissions departments that have not established standard naming conventions for entering patients into the system run the risk of creating a duplicate record if a patient's name is misspelled or entered under a nickname.

Unless these issues are addressed and strong data integrity practices are put into place, the number of duplicates entering the system each day will be difficult to manage and care decisions will be impacted.

Risk #4: Lack of Standard Interfaces and Automated Processes

Another prevailing myth surrounding data integrity is that there are no truly effective means for automating data mapping, integrity audits, and duplicate reconciliation and merging. As a result many organizations resort to primarily manual processes, which require time and resources that many do not have. More importantly, manual processes—such as utilizing reports derived from rudimentary record-matching algorithms to identify and track duplicates—are inefficient and error-prone.

As for interfaces, while it is true that multiple standards make pure automation of interfacing impossible at this time, patient identification segments do feature standard fields for key patient demographic data. Therefore as long as automated record-matching algorithms are strict enough, transactional interfaces for information exchange can also be automated.

Risk #5: Establishment of Weak Governance Processes

A common error that many HIOs make is establishing weak data governance out of fear that the strong policies necessary to fully regulate the integrity of data being shared across the organization will hinder participation.

However, while weak governance may encourage broader participation, it ultimately is more harmful to the HIO. Weak governance results in dirty data entering the system, creating issues that are compounded as that information moves from one system to another. It also impacts provider confidence in the information they access via the HIO, which hampers clinician adoption.

Imagine for a moment that the HIO is a lake, and each participating organization is a river feeding water into the larger system. Now picture what would happen if all of the rivers were clean except for one. At first you may not notice the dirty water, but as more and more pollution enters the system soon the entire lake will be polluted and each river will also be affected. The same holds true for dirty data within a HIO. While a small percentage of dirty data may not seem like an issue to the participating organization, the problem multiplies once data is shared within the HIO and the database gets larger.

Weak governance may also result in other issues for the HIO. For example, policies that encourage unlimited data access may result in the creation of overlaid records by individuals who are not trained to identify and eliminate duplicate records. Further, unauthorized personnel accessing patient data may result in a violation of the Health Insurance Portability and Accountability Act (HIPAA).

HIE Data Integrity Best Practices

To avoid these dangers and eliminate the problems caused by dirty or duplicate data, HIOs are advised to implement strong data integrity best practices. Doing so will ensure that patient information is clean and accurate and care decisions are not negatively impacted.

For example, by utilizing advanced duplicate matching algorithms to strengthen those built into systems, organizations can increase the number of duplicates identified and reduce the number of false positives. Also, establishing teams of data integrity professionals to review potential duplicates will speed the reconciliation process.

Strong governance policies for ongoing data integrity at the participant and HIO levels ensures that systems remain clean and the root causes of duplicate records are addressed. These processes should include education and training for administrative staff, as well as mandatory master patient index cleanups before allowing new entities into the HIO.

Data mapping, integrity audits, duplicate data monitoring, identification and reconciliation, and other manual processes should be automated whenever possible to mitigate the risk of human error. Data standards such as HL7 should also be integrated into exchange infrastructures.

Finally, HIOs should implement strong data governance processes at the outset to ensure data integrity, create confidence and trust in the information being shared, and, ultimately, create a stronger and more sustainable HIO.

HIM's Role in HIE Data Integrity

HIM professionals should play a leading role in implementing data integrity best practices across HIOs. While IT can make valuable contributions to the process, much of the knowledge and expertise needed to successfully identify and correct duplicate or overlaid records resides with HIM.

HIM professionals understand the content of the patient record and the meaning of the numerous data fields. Because of this, they tend to have a better understanding of the causes of duplicate records. HIM should be involved in all aspects of data integrity—from implementing strong governance practices to ensuring that data integrity is managed on a daily basis.

Data integrity efforts start with ensuring that system-embedded record matching algorithms are strict enough to reduce the number of false positives and mitigate the risk of overlaid records. By taking an expert role in this arena and providing IT with the guidance it needs to ensure the correct data fields are being used within algorithms, HIM can mitigate the long-term risk of incorrect or inappropriate record matching and of overlaid record creation both within the individual organization and across the HIO.

Ongoing evaluation of auto-linked records by HIM professionals will also help ensure that record-matching algorithms remain accurate. While more sophisticated algorithms may not change over time, there is a chance that their less advanced counterparts will need tweaking as they are more sensitive to small changes in the demographic profile of the patient.

HIM and IT should also work side by side during the data mapping process. This includes both ensuring that data fields are correctly mapped across systems and also testing systems to ensure they are properly identifying potential duplicate records.

To address the number of duplicates that enter the HIO system on a daily basis, HIM should be tasked with designing, implementing, and managing the processes by which duplicate and overlaid records are assessed and their cause determined, pinpointing where duplicates are entering the system and who is responsible for their creation. HIM has the knowledge and experience to aggregate these findings and report them to the HIO's data governance committee with specific recommendations on how administrators within registration and scheduling can reduce or eliminate errors. HIM can also utilize this data to identify those users who may require additional training or corrective action and design appropriate education programs.

For example, one regional health system that put HIM in charge of designing and implementing these processes identified an unusually large number of registration errors within a one-week period. Further analysis determined that all of these errors were generated in the same department and revealed the cause to be individuals who were unfamiliar with the registration process, according to a case study developed by Just Associates.1 In an attempt to save time, these users began creating new records for every patient rather than searching the master patient index for existing ones—thus creating a large number of duplicate records.

By tasking HIM with pinpointing the cause of data integrity issues and providing additional training and education, the number of registration errors originating from this department within the health system quickly dropped to single digits.

Finally, HIM should play a key role in instituting data governance policies, including representation on the HIO's data governance committee. Their guidance is invaluable for ensuring the long-term quality and integrity of the data being provided by each organization and that no single provider is polluting the HIO database. The reality is that while no two HIOs are the same, the key to success is consistent across the board—strong data integrity practices driven by HIM professionals ensure participants are sharing accurate patient information that is free of duplicate and overlaid records.


  1. Just Associates. "Studies in Success: Sharon Regional." 2012.

Grant Landsbach ( is data integrity/MPI manager for the Sisters of Charity of Leavenworth (SCLHS) and Exempla Health System, headquartered in Denver, CO. Beth Haenke Just ( is founder and CEO of Just Associates, a healthcare data integration consulting firm focused on data integrity, data migration, and health information exchange.

Article citation:
Landsbach, Grant; Just, Beth Haenke. "Five Risky HIE Practices that Threaten Data Integrity" Journal of AHIMA 84, no.11 (November 2013): 40-42.